1. Field of the Invention
The invention relates to network security systems, and specifically, to a network security system that provides centralized access and termination control to a plurality of different network systems for a plurality of network users.
2. Description of the Prior Art
It is a problem in the art of network security to provide and manage access to a plurality of different network systems for a plurality of users with different levels of access rights. One solution to this problem is to utilize network access cards, sometimes referred to in the art as “smart cards,” to provide users with the appropriate access to the different network systems according to the level of the user's access rights. A network access card system connected to the network provides customized network access cards to the individual users. The network access cards then serve as keys for the individual users to access the various systems according to the user's access rights.
In one example of a system that utilizes network access cards, the network access card system interfaces with a human resource system to obtain an individual user's access information. In response to receiving the access information from the human resource system, the network access card system customizes a network access card for the user that includes access rights to the different network systems according to the user's level of access. A profile for the user that includes the user's access information is set up on each of the individual network systems for which the user is granted access. For example, the user profile could be set up for various devices in a physical security system to provide building access, office access, lab access, conference room access, etc. The user profile could also be set up on the user's workstation and/or other devices connected to the network to provide the user with access to those devices. The network access card then serves as a key to permit the user to access the various systems and data.
Unfortunately, when access rights for a user change or are terminated altogether, each of the individual network systems must be manually updated to delete the user profile information to terminate the user's access. Where the user has access to dozens of network systems, the process of removing the user's access to all of these systems often takes weeks or even months. This problem is further complicated where there are hundreds or even thousands of users with different levels of access to a plurality of different network systems.